Loading
Feature Disruption - Service Cloud VoiceRead More
Feature degradation | Gmail Email delivery failureRead More

Guest User Profile Takes Over when Site User Session Ends

Publish Date: Aug 16, 2023
Description
When logged in as an Experience Cloud site user, if a session times out, the access of the Guest User is applied until a new session is created. 

All components and any subsequent API requests made, will be processed as the Guest User. To avoid any risk of data leak, the Guest User profile should have the correct permissions set at all times. 

Individual components do not handle session timeouts. This, is handled at the App Level by redirecting to the login page or showing a session timeout warning (pop up).

 
Resolution

Session timeout implies that once a user has been timed out, the profile settings and permissions for the Guest User will be used for data access until a new session is created. For this reason, it is important that Best Practices and Considerations When Configuring the Guest User Profile are followed at all times.

 
Knowledge Article Number

000389610

 
Loading
Salesforce Help | Article